| Warning |
|---|
!!! We are currently migrating this Cloud Instance to our own hosted Server instance !!!Please follow this link to get to the content you wanted: https://wiki.resolution.de/x/GQCxAQThanks for your understanding. |
SAML Single Sign On is is tested with Confluence Data Center in the following environment.
...
| Code Block |
|---|
<VirtualHost *:443>
ProxyRequests off
#
# confluence59.lab.inserve.local is set up as CNAME to postgres01 in the DNS
#
ServerName confluencedc59.lab.inserve.local
#
# Set a routeID-header. This is important to get sticky sessions: All requests from a client must
# be served by the same Confluence node.
# Without this header, WebSudo is not wirking and the SAMLSSO-Plugin caused redirection-loops between the Confluence nodes.
#
Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
<Proxy balancer://confluencecluster>
BalancerMember http://confluencedc01.lab.inserve.local:8090 route=confluencedc01
BalancerMember http://confluencedc02.lab.inserve.local:8090 route=confluencedc02
# Security "we aren't blocking anyone but this the place to make those changes
Order Deny,Allow
Deny from none
Allow from all
</Proxy>
# Here's how to enable the load balancer's management UI if desired
<Location /balancer-manager>
SetHandler balancer-manager
# You SHOULD CHANGE THIS to only allow trusted ips to use the manager
Order deny,allow
Allow from all
</Location>
# Don't reverse-proxy requests to the management UI
ProxyPass /balancer-manager !
# Reverse proxy all other requests to the Confluence cluster
ProxyPass / balancer://confluencecluster/ stickysession=ROUTEID
ProxyPassReverse / balancer://confluencecluster
ProxyPreserveHost on
SSLProxyEngine On
SSLEngine on
SSLCertificateFile /etc/ssl/localcerts/star.lab.inserve.local.pem
SSLCertificateKeyFile /etc/ssl/localcerts/star.lab.inserve.local.key
SSLCertificateChainFile /etc/ssl/localcerts/labca.pem
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost> |
...